Departmental Legal Services Unit
Canada Border Services Agency
August 2011

Appendix C – Risk Assessment Guidelines for Audit Recommendations

Examples of criteria used for assessing the risk level of audit recommendations are outlined below:

Assessment Criteria
High Controls are not in place or are inadequate.
Compliance with legislation and regulations is inadequate.
Important issues are identified that impact the achievement of program/operational objectives.
Medium Controls are in place but are not being sufficiently complied with.
Compliance with central agency/departmental policies and established procedures is inadequate.
Issues are identified that impact the efficiency and effectiveness of operations.
Low Controls are in place but the level of compliance varies.
Compliance with central agency/departmental policies and established procedures varies.
Opportunities are identified that could enhance operations.
Date modified: